The following email was sent to students, faculty, and staff by Chief Information Officer Gina Siesing on Wednesday, May 7.
Dear Bryn Mawr Students, Faculty, Staff, and Emeriti,
This week, a number of community members have reported trouble sending email to a variety of destinations. We wanted to let you know that we are aware of this issue and to explain the cause and status.
Bryn Mawr email is being blocked by several email filtering services because of large quantities of spam messages originating from Bryn Mawr email addresses. While we do filter our outgoing mail through our anti-spam vendor, enough messages got through to affect our reputation as an email sender. This reputation score is used by anti-spam services (used by many companies, institutions, and email providers) to determine whether to accept or reject brynmawr.edu mail — in other words, whether our email will be placed on a blacklist.
The phishing scams are sophisticated and relentless. Information Services periodically circulates information about email scams and cautions against sending passwords via email, entering your password into questionable Web sites, and using the same password for both your personal and Bryn Mawr accounts. We highly recommend that you use separate passwords for your various non-Bryn Mawr services and that you change your passwords regularly to mitigate against potentially compromised accounts. In this case, about half a dozen Bryn Mawr accounts were taken over during the past two weeks by spammers using passwords gained through email scams, and each account generated thousands of messages.
Our systems administrators have been working diligently to identify and address hijacked accounts as quickly as possible, and are actively working through the process of having us removed from the major blacklists, including those reported to us by community members attempting to send out email and receiving rejection notices. However, each time another account generates a large volume of spam, it takes longer to restore our reputation score; this time frame is outside our control and is determined by the blacklist authorities. Currently, we are able to send email to most destinations, but not to all; we expect this temporary situation to improve steadily and for all blocks to be removed shortly, so long as we have no further incidents.
The inability to send email to colleagues, business associates, family and friends has significant impact for all of us. It affects the operations of the College and people’s individual lives. Information Services considers this to be an utmost priority. However, we need your help. Even a few compromised accounts are enough to cause a major issue. Please be aware of this issue and share your knowledge with others. I invite you to review the post at http://is.blogs.brynmawr.edu/?p=3804 for information about identifying an email scam and what to do if you think you have answered one.
Thank you for your patience as we work to resolve this issue. Please let us know if you have any questions.